Merge pull request #2715 from testssl/sanitze_better_http_header.3.0

Remove inherited double line
Dirk Wetter 2025-03-20 14:23:00 +01:00 committed by GitHub
commit 6a4a96c342
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -2196,15 +2196,10 @@ connectivity_problem() {
} }
sanitze_http_header() { sanitze_http_header() {
# Quit on first empty line to catch 98% of the cases. Next pattern is there because the SEDs tested # sed implementations tested were sometime not fine with header containing x0d x0a (CRLF) which is the usual
# so far seem not to be fine with header containing x0d x0a (CRLF) which is the usual case. # case. Also we use tr here to remove any crtl chars which the server side offers --> possible security problem
# So we also trigger also on any sign on a single line which is not alphanumeric (plus _) # Only allowed now is LF + CR. See #2337. awk OTOH, see above, doesn't seem to care -- but not under MacOS
#
# Also we use tr here to remove any crtl chars which the server side offers --> possible security problem
# Only allowed now is LF + CR. See #2337
# awk, see above, doesn't seem to care
sed -e '/^$/q' -e '/^[^a-zA-Z_0-9]$/q' $HEADERFILE | tr -d '\000-\011\013\014\016-\037' >$HEADERFILE.tmp sed -e '/^$/q' -e '/^[^a-zA-Z_0-9]$/q' $HEADERFILE | tr -d '\000-\011\013\014\016-\037' >$HEADERFILE.tmp
sed -e '/^$/q' -e '/^[^a-zA-Z_0-9]$/q' $HEADERFILE | tr -d '\000-\010\013\014\016-\037' >$HEADERFILE.tmp
# Now to be more sure we delete from '<' or '{' maybe with a leading blank until the end # Now to be more sure we delete from '<' or '{' maybe with a leading blank until the end
sed -e '/^ *<.*$/d' -e '/^ *{.*$/d' $HEADERFILE.tmp >$HEADERFILE sed -e '/^ *<.*$/d' -e '/^ *{.*$/d' $HEADERFILE.tmp >$HEADERFILE
debugme echo -e "---\n $(< $HEADERFILE) \n---" debugme echo -e "---\n $(< $HEADERFILE) \n---"
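Review bot: The retained `debugme echo -e "---\n $(< $HEADERFILE) \n---"` line at the end of the hunk hands the server-supplied header to `echo -e`, which expands backslash escapes found in that text, so control bytes the `tr -d` pipeline has just stripped can be recreated when the header is printed. Printing the content as data avoids this: `debugme printf -- "---\n %s \n---\n" "$(< "$HEADERFILE")"`. This presumably affects debug runs only, but that is when an operator is viewing an untrusted server's response on a terminal. Separately, the shortened comment no longer explains what the second sed pattern `/^[^a-zA-Z_0-9]$/q` is for; a line such as `# also quit on a line holding a single non-alphanumeric char (e.g. a lone CR)` would keep that rationale. The body of sanitze_http_header continues past the hunk.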